The login page for the Nagios XI management interface prior to version 2009R1.3 is vulnerable to cross-site scripting (XSS). This vulnerability does not require the victim to be authenticated. This vulnerability was originally thought to be addressed in version 2009R1.2C.
e70887b72d05c6675a468a37609a7d93b2d59e5dfb89be8044b6c7db330dace2